Static task
static1
Behavioral task
behavioral1
Sample
fb33b8a4bbdf9216d3850a0dbfe3aecf_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fb33b8a4bbdf9216d3850a0dbfe3aecf_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fb33b8a4bbdf9216d3850a0dbfe3aecf_JaffaCakes118
Size
1.7MB
MD5
fb33b8a4bbdf9216d3850a0dbfe3aecf
SHA1
8e432c2f85d75aa394b5954e25f4e7062a6e82ad
SHA256
16d49ad0860de7143fbea4068eb95f521659dd18028522578a5b1c453b9b160f
SHA512
b51fbce128eef7a9bcc19bdafa7c08965890c00850e80ee21249d2587d8787b2f925fb2113b4b5128213ffabb6a266f0aa83bc287ce36910759864c5aaac0e84
SSDEEP
49152:qE678EX1L88D2NpMf9ydaE3G87pk7+5g2rwoTH/SaS8xrKljKVl2M:q8k1LbKNp2UaXipka5trwoTH/7S8fl2M
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb33b8a4bbdf9216d3850a0dbfe3aecf_JaffaCakes118
Files
fb33b8a4bbdf9216d3850a0dbfe3aecf_JaffaCakes118.exe windows:4 windows x86 arch:x86
28fda2b61881c063b6b3bb68b950377d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WritePrivateProfileStringA
GetSystemTime
FreeLibraryAndExitThread
OpenSemaphoreW
VirtualAlloc
LoadLibraryExW
SetCommMask
SetProcessAffinityMask
GlobalFindAtomW
RaiseException
EndUpdateResourceA
WritePrivateProfileStructA
GetDriveTypeW
FreeResource
GetCommState
WaitNamedPipeA
CreateMutexA
IsBadWritePtr
RemoveDirectoryW
VirtualQuery
SetConsoleWindowInfo
PulseEvent
ReadConsoleA
WritePrivateProfileSectionA
SetConsoleOutputCP
FindFirstFileExW
SetEnvironmentVariableW
PeekConsoleInputW
GetLargestConsoleWindowSize
GetEnvironmentVariableW
GetThreadPriority
GetProcessTimes
SetConsoleMode
MoveFileExA
SetMailslotInfo
GetShortPathNameA
SetTimeZoneInformation
PurgeComm
GetTempFileNameA
UnmapViewOfFile
GenerateConsoleCtrlEvent
WriteFile
GetTapeParameters
_lopen
IsValidLocale
ReadConsoleInputW
GetLocaleInfoW
MultiByteToWideChar
GetCurrentProcess
FindResourceExW
CopyFileExW
GetConsoleMode
CreateIoCompletionPort
WriteConsoleOutputW
GlobalAddAtomA
GetSystemDirectoryW
SwitchToFiber
GetNumberFormatW
lstrcpyA
GetSystemInfo
WriteConsoleOutputCharacterA
GetOverlappedResult
GetTempPathW
LocalAlloc
GetEnvironmentStringsW
EnumResourceNamesW
GetFullPathNameA
LocalReAlloc
GetHandleInformation
EnumCalendarInfoW
GlobalGetAtomNameW
DosDateTimeToFileTime
GetACP
_llseek
SetEvent
SetCurrentDirectoryA
SetHandleCount
EraseTape
GetCommModemStatus
CreateFileW
LocalLock
GetCurrentProcessId
IsDBCSLeadByteEx
ExitThread
OpenMutexA
GetTickCount
SetThreadAffinityMask
GlobalFindAtomA
SetCommTimeouts
GetCommandLineW
VirtualProtect
GetFileAttributesExA
GlobalFree
ExitProcess
user32
DrawTextA
GetDC
IsZoomed
GetClipboardData
DrawTextExA
GetCursorPos
SendDlgItemMessageA
DrawStateA
GetKeyboardLayoutNameA
IsRectEmpty
CallWindowProcW
PeekMessageW
ChangeMenuW
GetWindowTextLengthW
GetWindowInfo
GetAncestor
LoadBitmapW
InflateRect
LoadMenuIndirectW
GetParent
MenuItemFromPoint
SetParent
LoadMenuA
MonitorFromRect
SetWindowRgn
InSendMessage
GetTabbedTextExtentA
HideCaret
GetMenuStringW
SetDlgItemInt
DialogBoxIndirectParamA
DeleteMenu
CharToOemW
GetDlgItemTextW
DrawStateW
GetWindowTextW
SetClassLongA
CloseWindow
SetPropW
DispatchMessageW
DestroyMenu
InternalGetWindowText
GetThreadDesktop
EnumDesktopsW
SendMessageW
CheckMenuRadioItem
ValidateRect
SetLastErrorEx
SetRectEmpty
CharNextExA
gdi32
GetDIBColorTable
EnumObjects
SetPaletteEntries
CreateFontA
GetCurrentPositionEx
comdlg32
GetOpenFileNameW
ChooseColorA
advapi32
LookupAccountSidW
SetPrivateObjectSecurity
LogonUserW
QueryServiceConfigW
ReportEventW
EnumServicesStatusA
RegReplaceKeyW
QueryServiceConfigA
RegQueryValueW
GetSecurityDescriptorOwner
SetKernelObjectSecurity
LookupPrivilegeNameA
SetSecurityInfo
RegDeleteValueA
shell32
SHGetSettings
SHLoadInProc
SHGetSpecialFolderLocation
ole32
OleFlushClipboard
CoInitializeEx
GetRunningObjectTable
IIDFromString
OleSetContainedObject
CoRegisterClassObject
CoGetObject
PropVariantCopy
oleaut32
LoadTypeLibEx
VariantCopy
VariantChangeType
SafeArrayUnaccessData
SysStringLen
LoadTypeLi
shlwapi
StrRetToStrW
StrRChrA
SHRegOpenUSKeyW
PathAddExtensionW
StrChrIA
StrFormatByteSizeA
wvnsprintfW
PathUnquoteSpacesA
UrlCreateFromPathW
wnsprintfW
StrCatW
SHSetThreadRef
PathIsDirectoryW
StrCpyNW
PathCommonPrefixW
StrCmpNW
PathRemoveBackslashA
Sections
.text Size: 6KB - Virtual size: 222KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ